Pratham Sikka
04/18/2024, 12:54 PMmake publish-lambda S3Bucket=<bucket-name>
Deploying with following values
===============================
Stack name : Cerbos
Region : None
Confirm changeset : False
Disable rollback : False
Deployment s3 bucket : None
Capabilities : ["CAPABILITY_IAM"]
Parameter overrides : {"ArchitectureParameter": "x86_64"}
Signing Profiles : {}
Initiating deployment
=====================
Waiting for changeset to be created..
CloudFormation stack changeset
-----------------------------------------------------------------------------------------------------------------
Operation LogicalResourceId ResourceType Replacement
-----------------------------------------------------------------------------------------------------------------
+ Add CerbosServerFunctionCatchA AWS::Lambda::Permission N/A
llPermission
+ Add CerbosServerFunctionRole AWS::IAM::Role N/A
+ Add CerbosServerFunction AWS::Lambda::Function N/A
+ Add ServerlessHttpApiApiGatewa AWS::ApiGatewayV2::Stage N/A
yDefaultStage
+ Add ServerlessHttpApi AWS::ApiGatewayV2::Api N/A
-----------------------------------------------------------------------------------------------------------------
Changeset created successfully.
2024-04-18 17:49:50 - Waiting for stack create/update to complete
CloudFormation events from stack operations (refresh every 5.0 seconds)
-----------------------------------------------------------------------------------------------------------------
ResourceStatus ResourceType LogicalResourceId ResourceStatusReason
-----------------------------------------------------------------------------------------------------------------
CREATE_IN_PROGRESS AWS::CloudFormation::Stack Cerbos User Initiated
CREATE_IN_PROGRESS AWS::IAM::Role CerbosServerFunctionRole -
CREATE_IN_PROGRESS AWS::IAM::Role CerbosServerFunctionRole Resource creation
Initiated
CREATE_COMPLETE AWS::IAM::Role CerbosServerFunctionRole -
CREATE_IN_PROGRESS AWS::Lambda::Function CerbosServerFunction -
CREATE_IN_PROGRESS AWS::Lambda::Function CerbosServerFunction Resource creation
Initiated
CREATE_COMPLETE AWS::Lambda::Function CerbosServerFunction -
CREATE_IN_PROGRESS AWS::ApiGatewayV2::Api ServerlessHttpApi -
CREATE_IN_PROGRESS AWS::ApiGatewayV2::Api ServerlessHttpApi Resource creation
Initiated
CREATE_COMPLETE AWS::ApiGatewayV2::Api ServerlessHttpApi -
CREATE_IN_PROGRESS AWS::ApiGatewayV2::Stage ServerlessHttpApiApiGatewa -
yDefaultStage
CREATE_IN_PROGRESS AWS::Lambda::Permission CerbosServerFunctionCatchA -
llPermission
CREATE_IN_PROGRESS AWS::ApiGatewayV2::Stage ServerlessHttpApiApiGatewa Resource creation
yDefaultStage Initiated
CREATE_COMPLETE AWS::ApiGatewayV2::Stage ServerlessHttpApiApiGatewa -
yDefaultStage
CREATE_IN_PROGRESS AWS::Lambda::Permission CerbosServerFunctionCatchA Resource creation
llPermission Initiated
CREATE_COMPLETE AWS::Lambda::Permission CerbosServerFunctionCatchA -
llPermission
CREATE_COMPLETE AWS::CloudFormation::Stack Cerbos -
-----------------------------------------------------------------------------------------------------------------
CloudFormation outputs from deployed stack
-----------------------------------------------------------------------------------------------------------------
Outputs
-----------------------------------------------------------------------------------------------------------------
Key CerbosServerFunctionAPI
Description API Gateway endpoint URL for Cerbos Server
Value <value>
Key CerbosServerFunctionIamRole
Description IAM Role created for the Cerbos Server function
Value <value>
Key CerbosServerFunction
Description Cerbos Server Function ARN
Value <value>
-----------------------------------------------------------------------------------------------------------------
Successfully created/updated stack - Cerbos in None
As you can see I have been able to deploy Cerbos successfully in AWS Lambda.
Now I want to deploy a Next.js application to AWS Lambda. I would like to understand how do I leverage the current setup to attach policies to my Next.js application which I'm deploying using AWS Lambda?Charith (Cerbos)
Charith (Cerbos)
Pratham Sikka
04/18/2024, 2:39 PMoguzhan
Pratham Sikka
04/18/2024, 2:46 PMoguzhan
Pratham Sikka
04/18/2024, 3:03 PMimport { GRPC as Cerbos } from "@cerbos/grpc";
export const cerbos = new Cerbos("cerbos:3593", { tls: false });
By SDK, is this where the AWS URL for the Cerbos instance must be added, which?
And the next step should be to push it to Lambda as a docker image. Please correct me if I'm wrong.oguzhan
cerbos:3593
to your AWS URL for Cerbos.
In your local development environment, it should stay the same (cerbos:3593
). You could use an environment variable for this.Alex Olivier (Cerbos)
Pratham Sikka
04/18/2024, 3:44 PMPratham Sikka
04/18/2024, 3:44 PM